<div id="login">
<form name="dangnhap" action="" method="post">
	<p>
    	<label for="taikhoan">Tài khoản</label>
        <input type="text" name="taikhoan" id="taikhoan" />
    </p>
    
    <p>
    	<label for="matkhau">Mật khẩu</label>
        <input type="password" name="matkhau" id="matkhau"  />
    </p>
    
    <p>
    	<input type="submit" name="dangnhap" class="dangnhap" value="Đăng nhập" />
    </p>
</form>
</div>

<?php 

if($_SERVER['REQUEST_METHOD'] == 'POST')
{
	$q	=	mysql_query("SELECT * FROM thanhvien WHERE t_user='".$_POST['taikhoan']."' AND t_pass='".md5($_POST['matkhau'])."' AND t_hoat_dong=1");
	$num	=	mysql_num_rows($q);
	$row	=	mysql_fetch_array($q);
	if($num == 1){
		$_SESSION['_user']['username']	=	$row['t_user'];
		$_SESSION['_user']['id']		=	$row['t_id'];
		$_SESSION['_user']['password']	=	md5($_POST['matkhau']);
		$_SESSION['_user']['level']		=	$row['t_level'];
		echo "<script>location.href='index.php';</script>";
	}
	else{
		echo "<script>alert('Sai user hoac pass!');</script>";
	}
}
?>